In Eclipse GlassFish versions 5.1.0 to 6.2.5, there is a vulnerability in relative path traversal because it does not filter request path starting with './'. Successful exploitation could allow an remote unauthenticated malicious user to access critical data, such as configuration files and deployed application source code.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
eclipse glassfish |